Siebel Security Guide > User Administration > Configuring Anonymous Browsing >

Implementing Anonymous Browsing

To make views accessible to unregistered users, you must perform the following tasks:

• Modify the anonymous user record.
• Set configuration parameters.
• Modify views to support anonymous browsing, or to require explicit login instead.

For Siebel Business Applications for which anonymous browsing is implemented by default, confirm that these tasks are done.

Modifying the Anonymous User Record

The anonymous user is a record in the Siebel database and, if you implement external user authentication, a corresponding record in the external directory of users. The anonymous user is a component in user authentication, anonymous browsing, and self-registration. For applications that allow anonymous browsing, the anonymous user provides visibility of the pages for which you allow anonymous browsing.

Set up your user authentication architecture before configuring an application for user access. Make sure that the anonymous user already exists in your Siebel database and in your directory.

The responsibility that is assigned to a user record in the database contains a list of views to which the user has access. You must confirm that the anonymous user that you use for your Siebel application includes an appropriate responsibility so that unregistered users can see the views you intend them to see.

If you choose to use a seed anonymous user in your authentication setup, then verify that its seed responsibility includes the views you want to provide for anonymous browsing. For example, if you use the GUESTCST seed user for a Siebel customer application, then verify that its responsibility, Web Anonymous User, includes the required views. If the responsibility does not include your required views, then you can do one of the following:

• Create one or more additional responsibilities that include missing views, and then add these responsibilities to the existing seed responsibility in the anonymous user's Responsibility field. The user has access to all the views in all the assigned responsibilities.
• Copy the seed responsibility record, add missing views to the copy, and replace the responsibility in the anonymous user record with the modified responsibility.

  NOTE:  You cannot directly modify a seed responsibility.

For information about creating a responsibility or adding views to a responsibility, see Configuring Access Control. For information about assigning a responsibility to a user, see Internal Administration of Users. For information about seed data, see Seed Data.

Setting Configuration Parameters for Anonymous Browsing

You must set the following configuration parameters to allow anonymous browsing.

• AllowAnonUsers. Set this parameter in the Siebel application configuration file to TRUE.

  For information about setting parameter values in application configuration files, see Siebel Application Configuration File Parameters.

• AnonUserName. This parameter from the eapps.cfg file is the user name for an anonymous user that is stored in the directory and also in the Siebel database.

  The anonymous user provides binding between the directory and the AOM to allow a Siebel application home page to display to a user who has not logged in. Similarly, this anonymous user supplies a login so the user can see other pages for which you allow anonymous browsing.

  For information about setting parameter values in the eapps.cfg file, see Parameters in the eapps.cfg File.

• AnonPassword. This parameter from the eapps.cfg file is the authenticated password that is paired with AnonUserName.